Tree @debian/openssl-1.1.1-2 (Download .tar.gz)
- ..
- certs
- ct
- d2i-tests
- ocsp-tests
- ossl_shim
- recipes
- smime-certs
- ssl-tests
- testutil
- aborttest.c
- afalgtest.c
- asn1_decode_test.c
- asn1_encode_test.c
- asn1_internal_test.c
- asn1_string_table_test.c
- asn1_time_test.c
- asynciotest.c
- asynctest.c
- bad_dtls_test.c
- bftest.c
- bio_callback_test.c
- bio_enc_test.c
- bioprinttest.c
- bntest.c
- bntests.pl
- build.info
- CAss.cnf
- CAssdh.cnf
- CAssdsa.cnf
- CAssrsa.cnf
- casttest.c
- CAtsa.cnf
- chacha_internal_test.c
- cipher_overhead_test.c
- cipherbytes_test.c
- cipherlist_test.c
- ciphername_test.c
- clienthellotest.c
- cms-examples.pl
- cmsapitest.c
- conf_include_test.c
- constant_time_test.c
- crltest.c
- ct_test.c
- ctype_internal_test.c
- curve448_internal_test.c
- d2i_test.c
- danetest.c
- danetest.in
- danetest.pem
- destest.c
- dhtest.c
- drbg_cavs_data.c
- drbg_cavs_data.h
- drbg_cavs_test.c
- drbgtest.c
- drbgtest.h
- dsa_no_digest_size_test.c
- dsatest.c
- dtls_mtu_test.c
- dtlstest.c
- dtlsv1listentest.c
- ecdsatest.c
- ecstresstest.c
- ectest.c
- enginetest.c
- errtest.c
- evp_extra_test.c
- evp_test.c
- evp_test.h
- exdatatest.c
- exptest.c
- fatalerrtest.c
- generate_buildtest.pl
- generate_ssl_tests.pl
- gmdifftest.c
- gosttest.c
- handshake_helper.c
- handshake_helper.h
- hmactest.c
- ideatest.c
- igetest.c
- lhash_test.c
- md2test.c
- mdc2_internal_test.c
- mdc2test.c
- memleaktest.c
- modes_internal_test.c
- ocspapitest.c
- P1ss.cnf
- P2ss.cnf
- packettest.c
- pbelutest.c
- pemtest.c
- pkcs7-1.pem
- pkcs7.pem
- pkey_meth_kdf_test.c
- pkey_meth_test.c
- pkits-test.pl
- poly1305_internal_test.c
- rc2test.c
- rc4test.c
- rc5test.c
- rdrand_sanitytest.c
- README
- README.external
- README.ssltest.md
- recordlentest.c
- rsa_mp_test.c
- rsa_test.c
- run_tests.pl
- sanitytest.c
- secmemtest.c
- serverinfo.pem
- serverinfo2.pem
- servername_test.c
- session.pem
- shibboleth.pfx
- shlibloadtest.c
- siphash_internal_test.c
- sm2_internal_test.c
- sm4_internal_test.c
- smcont.txt
- srptest.c
- ssl_cert_table_internal_test.c
- ssl_test.c
- ssl_test.tmpl
- ssl_test_ctx.c
- ssl_test_ctx.h
- ssl_test_ctx_test.c
- ssl_test_ctx_test.conf
- sslapitest.c
- sslbuffertest.c
- sslcorrupttest.c
- ssltest_old.c
- ssltestlib.c
- ssltestlib.h
- Sssdsa.cnf
- Sssrsa.cnf
- stack_test.c
- sysdefault.cnf
- sysdefaulttest.c
- test.cnf
- test_test.c
- testcrl.pem
- testdsa.pem
- testdsapub.pem
- testec-p256.pem
- testecpub-p256.pem
- testp7.pem
- testreq2.pem
- testrsa.pem
- testrsapub.pem
- testsid.pem
- testutil.h
- testx509.pem
- threadstest.c
- time_offset_test.c
- tls13ccstest.c
- tls13encryptiontest.c
- tls13secretstest.c
- uitest.c
- Uss.cnf
- v3-cert1.pem
- v3-cert2.pem
- v3ext.c
- v3nametest.c
- verify_extra_test.c
- versions.c
- wpackettest.c
- x509_check_cert_pkey_test.c
- x509_dup_cert_test.c
- x509_internal_test.c
- x509_time_test.c
- x509aux.c
rdrand_sanitytest.c @debian/openssl-1.1.1-2 — raw · history · blame
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 | /* * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ #include <stdio.h> #include <stdlib.h> #include <string.h> #include "testutil.h" #include <openssl/opensslconf.h> #if (defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ defined(__x86_64) || defined(__x86_64__) || \ defined(_M_AMD64) || defined (_M_X64)) && defined(OPENSSL_CPUID_OBJ) size_t OPENSSL_ia32_rdrand_bytes(unsigned char *buf, size_t len); size_t OPENSSL_ia32_rdseed_bytes(unsigned char *buf, size_t len); void OPENSSL_cpuid_setup(void); extern unsigned int OPENSSL_ia32cap_P[4]; static int sanity_check_bytes(size_t (*rng)(unsigned char *, size_t), int rounds, int min_failures, int max_retries, int max_zero_words) { int testresult = 0; unsigned char prior[31] = {0}, buf[31] = {0}, check[7]; int failures = 0, zero_words = 0; int i; for (i = 0; i < rounds; i++) { size_t generated = 0; int retry; for (retry = 0; retry < max_retries; retry++) { generated = rng(buf, sizeof(buf)); if (generated == sizeof(buf)) break; failures++; } /*- * Verify that we don't have too many unexpected runs of zeroes, * implying that we might be accidentally using the 32-bit RDRAND * instead of the 64-bit one on 64-bit systems. */ size_t j; for (j = 0; j < sizeof(buf) - 1; j++) { if (buf[j] == 0 && buf[j+1] == 0) { zero_words++; } } if (!TEST_int_eq(generated, sizeof(buf))) goto end; if (!TEST_false(!memcmp(prior, buf, sizeof(buf)))) goto end; /* Verify that the last 7 bytes of buf aren't all the same value */ unsigned char *tail = &buf[sizeof(buf) - sizeof(check)]; memset(check, tail[0], 7); if (!TEST_false(!memcmp(check, tail, sizeof(check)))) goto end; /* Save the result and make sure it's different next time */ memcpy(prior, buf, sizeof(buf)); } if (!TEST_int_le(zero_words, max_zero_words)) goto end; if (!TEST_int_ge(failures, min_failures)) goto end; testresult = 1; end: return testresult; } static int sanity_check_rdrand_bytes(void) { return sanity_check_bytes(OPENSSL_ia32_rdrand_bytes, 1000, 0, 10, 10); } static int sanity_check_rdseed_bytes(void) { /*- * RDSEED may take many retries to succeed; note that this is effectively * multiplied by the 8x retry loop in asm, and failure probabilities are * increased by the fact that we need either 4 or 8 samples depending on * the platform. */ return sanity_check_bytes(OPENSSL_ia32_rdseed_bytes, 1000, 1, 10000, 10); } int setup_tests(void) { OPENSSL_cpuid_setup(); int have_rdseed = (OPENSSL_ia32cap_P[2] & (1 << 18)) != 0; int have_rdrand = (OPENSSL_ia32cap_P[1] & (1 << (62 - 32))) != 0; if (have_rdrand) { ADD_TEST(sanity_check_rdrand_bytes); } if (have_rdseed) { ADD_TEST(sanity_check_rdseed_bytes); } return 1; } #else int setup_tests(void) { return 1; } #endif |